Your message dated Sat, 26 Jul 2008 09:40:27 +0000 with message-id <[EMAIL PROTECTED]> and subject line Bug#491263: fixed in debian-installer 20070308etch3 has caused the Debian Bug report #491263, regarding network-console, etch netinst, openssh to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [EMAIL PROTECTED] immediately.) -- 491263: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=491263 Debian Bug Tracking System Contact [EMAIL PROTECTED] with problems
--- Begin Message ---Package: network-console Version: 1.11 A few issues relating to network-console on etch netinst 4.0r3: * Keys generated by network-console are found on the blacklist included with newer versions of openssh-server. * If network-console is used for a new installation, openssh-server is installed on the new system, but .broken keys are left lying around in /etc/ssh. * Likewise to above, the rsa host key (/etc/ssh/ssh_host_rsa_key.pub) is found to be on the blacklist, and appears that it may be the same rsa key used during installation via network-console. An 'ls -al *key*' in /etc/ssh on a newly installed system gives something similar to: -rw------- 1 root root 668 2008-07-17 07:24 ssh_host_dsa_key -rw------- 1 root root 668 2008-07-17 07:21 ssh_host_dsa_key.broken -rw-r--r-- 1 root root 612 2008-07-17 07:24 ssh_host_dsa_key.pub -rw-r--r-- 1 root root 612 2008-07-17 07:21 ssh_host_dsa_key.pub.broken -rw------- 1 root root 1675 2008-07-17 07:26 ssh_host_rsa_key -rw------- 1 root root 1675 2008-07-17 07:21 ssh_host_rsa_key.broken -rw-r--r-- 1 root root 404 2008-07-17 07:26 ssh_host_rsa_key.pub -rw-r--r-- 1 root root 404 2008-07-17 07:21 ssh_host_rsa_key.pub.broken Likewise, checking for these keys in the blacklist: # for key in ssh_host_[rd]sa_key.pub{,.broken}; do grep -q $(ssh-keygen \ -l -f $key | awk '{print $2}' | cut -d: -f7- | tr -d :) blacklist.* \ && echo "$key is on the blacklist"; done ssh_host_rsa_key.pub is on the blacklist ssh_host_dsa_key.pub.broken is on the blacklist ssh_host_rsa_key.pub.broken is on the blacklist -- Mike Edwards | If this email address disappears, Unsolicited advertisments to | assume it was spammed to death. To this address are not welcome. | reach me in that case, s/-.*@/@/ "Our progress as a nation can be no swifter than our progress in education. The human mind is our fundamental resource." -- John F. Kennedy
--- End Message ---
--- Begin Message ---Source: debian-installer Source-Version: 20070308etch3 We believe that the bug you reported is fixed in the latest version of debian-installer, which is due to be installed in the Debian FTP archive: debian-installer_20070308etch3.dsc to pool/main/d/debian-installer/debian-installer_20070308etch3.dsc debian-installer_20070308etch3.tar.gz to pool/main/d/debian-installer/debian-installer_20070308etch3.tar.gz debian-installer_20070308etch3_s390.deb to pool/main/d/debian-installer/debian-installer_20070308etch3_s390.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [EMAIL PROTECTED], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Frans Pop <[EMAIL PROTECTED]> (supplier of updated debian-installer package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [EMAIL PROTECTED]) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Sat, 19 Jul 2008 10:03:12 +0200 Source: debian-installer Binary: debian-installer Architecture: source s390 Version: 20070308etch3 Distribution: stable Urgency: low Maintainer: Debian Install System Team <debian-boot@lists.debian.org> Changed-By: Frans Pop <[EMAIL PROTECTED]> Description: debian-installer - Debian installer Closes: 491263 Changes: debian-installer (20070308etch3) stable; urgency=low . * Rebuild to ensure the installer includes fixed versions of openssh for the SSH key vulnerability (DSA-1576-1). This affects architectures using network-console (arm, mipsel) and generic (s390) images. The upcoming 4.0r4 point release will ensure fixed versions of openssh are also included for all CD-based installations. Closes: #491263. Files: 2afb2d02a80eb62e802bd9ffd09e28d2 2146 devel optional debian-installer_20070308etch3.dsc 7ba0aac31e6876bb3d2c9f69879badfb 1230217 devel optional debian-installer_20070308etch3.tar.gz 307b906cc0caed3c731a1797d47d507b 766530 devel optional debian-installer_20070308etch3_s390.deb 0170335eab9a250482110ac0b3c48310 6669053 raw-installer - debian-installer-images_20070308etch3_s390.tar.gz -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iEYEARECAAYFAkiBy14ACgkQgm/Kwh6ICoRkjwCfcVObsHOSPk0AJM6NY4N6OL4N k2wAnRna/kXPmqZokCxTpo+HpSq2X0vb =1KE6 -----END PGP SIGNATURE-----
--- End Message ---
